347 647 9001+1 714 797 8196Request a Call
Call Me

Project Risk Management

May 13, 2014
, , , , ,

Risk Management Overview

There is no project or technique that is 100% risk free. Risk in unavoidable when we take projects. However it is the responsibility of the project manager to ensure that risks are reduced to a minimum. With a proper risk management in place the risks can be monitored and controlled.

There are broadly four stages of risk management:

● Risk Identification

● Quantifying risks

● Risk response

● Risk monitoring and control

Risk management stages

Classic examples of poor risk management leading to project failures

1. Lufthansa Systems Germany- Airline Ticket reservation System cancelled after 2 years. Although little information was available, the major reason was cited to be poor feasibility study and bad risk management

2. Los Angeles Unified School District- New payroll system goes wrong. Some teachers are paid $10000 for one month’s work while others are paid 20 cents

Reason cited was difficulty in cleaning the legacy data and poor training of the system

3.Qantas Australian Airline- Failure to engage the engineers in requirement gathering and testing of the system “Jetsmart” the new engineering parts system led to a system that was unusable by the engineers

In all these examples either the risks were not identified or were not properly monitored and controlled. Failure in any part of the risk management cycle can make the system unusable.

Risk Factors

● Probability of occurrence

● Range of outcome

● Timing of occurrence

● Frequency of the risk event

Risk Management Plan

A risk management plan comprises of the following:

● Roles, responsibilities and methodology

● Classification of risks

● Probability of risks and impact

● Reporting of risks and risk tracking

Types of risks in projects

There are basically four types of risks in project management

● Scope risk- This includes changes in scope of the project due to changes in complexity or changes in dependency or any hardware or software changes

● Scheduling risk- This includes delays due to scheduling issues like vendor delays, error in estimation or delay in acquisition. A common method of avoiding scheduling risks is by critical path method

● Resource issues- This includes risks due to outsourcing and personnel related issues. A common resource risk is attrition risks. Availability of funds can also be an issue. Another area which needs the attention of the project manager is outsourcing because it is not under the direct purview of the project manager.

● Technology risks- This includes risks arising out of hardware or software failure or due to outdating of the hardware and software.

Risk Identification techniques for Project Management

● Information gathering techniques

- Brainstorming- Here a lot of thinking goes among the team members to identify the possible risks

- Delphi technique- Here a questionnaire is distributed to the experts and their response is collected. The process is then iterated several times so that a consensus of opinion is reached.

- Root cause Analysis- Here a problem is identified, the cause is analysed and action is taken so that the problem does not occur in future.

Checklist Analysis- Here a checklist is made of all the possible problems that may occur and care is taken so that we prevent the risk

SWOT- A SWOT analysis helps us to focus the risk identification on the strengths and weakness of the project as well as opportunities and threats.

Influence diagrams- An influence is a visual representation of a decision problem. Influence diagrams help to identify the decisions, uncertainties and objectives and how they influence each other.

Example of an influence diagram for a product decision

Influence Diagram - Product Decision

Source: smartdraw

Fish bone diagram- Also known as cause and effect diagram it is one of the commonly used method for risk identification. In this method the various causes of a problem are categorised under People, machine, environment, measures and methods category. Very useful for project of all kinds

Potential reasons of poor results

source: salesperformance

The above diagram shows the risk management using fish bone diagram for Sales and Marketing business

Probability Impact Matrix- It is a qualitative method of risk identification. In this method. It categorises the risk and and its impact based on the probability of the occurrence of the risk



Very less






Low Low Low Medium Medium


Low Low Medium Medium Medium


Low Medium Medium Medium High


Medium Medium Medium High High

Very likely

Medium Medium High High High

The risks which have high impact and high probability of occurrence are highlighted n red. They are the ones that should be more emphasized on. All risks which fall in the red zone are the one that are unacceptable. Risks in yellow zone are the ones that can be tackled. Risks in green zone are the ones that will least bother us

Expected value method- Its a quantitative method of risk identification and risk analysis. In this method the expected value of the decision tree alternatives is used to arrive at a decision.

Decision Chart

EMV of decision 1= 10000-9000=1000

EMV of decision 2 =3200-8000=-4800

Hence choose decision 1

Risk Response

The Process of developing action to enhance opportunities and to reduce the threat is called Risk Response.

The following thing broadly encompass risk response:

● Strategies for negative risks

● Strategies for positive opportunities

● Contingency Plan

Strategies for threats are basically:

- Eliminate the threat

- Transfer the threat to a third party

- Reduce the threat

Strategies for opportunities are:

- Ensure that the opportunities definitely happen

- Ensure that the probability or impact of the opportunities increase

Risk Monitoring and Control

The purposes of risk monitoring and control are:

● Monitoring existing risks

● Identifying new risks

● Implementing risk response plans

● To see of a risk can be retired

● Audit of risk management policy

So this is how you must ideally manage risks for your project in order to make it successful. Incase of any doubts or queries, kindly get back to us.


About the Author

Trusted by Fortune 500 Companies and 10,000 Students from 40+ countries across the globe, it is one of the leading International Training providers for Finance Certifications like FRM®, CFA®, PRM®, Business Analytics, HR Analytics, Financial Modeling, and Operational Risk Modeling. EduPristine has conducted more than 500,000 man-hours of quality training in finance.


Global Association of Risk Professionals, Inc. (GARP®) does not endorse, promote, review or warrant the accuracy of the products or services offered by EduPristine for FRM® related information, nor does it endorse any pass rates claimed by the provider. Further, GARP® is not responsible for any fees or costs paid by the user to EduPristine nor is GARP® responsible for any fees or costs of any person or entity providing any services to EduPristine Study Program. FRM®, GARP® and Global Association of Risk Professionals®, are trademarks owned by the Global Association of Risk Professionals, Inc

CFA Institute does not endorse, promote, or warrant the accuracy or quality of the products or services offered by EduPristine. CFA Institute, CFA®, Claritas® and Chartered Financial Analyst® are trademarks owned by CFA Institute.

Utmost care has been taken to ensure that there is no copyright violation or infringement in any of our content. Still, in case you feel that there is any copyright violation of any kind please send a mail to and we will rectify it.

Popular Blogs: Whatsapp Revenue Model | CFA vs CPA | CMA vs CPA | ACCA vs CPA | CFA vs FRM

Post ID = 53864